On Sat, 2008-03-08 at 02:14 +0000, Scott Kitterman wrote:
> >This could well be a regression (Why was the antivirus plugin version
> >allowed to change? isnt that against policy?), so i consider it worth
> >noting.
>
> It's because the old version of clamav that it uses had serious security issues and wasn't
> maintainable. The updated provided fixes for (IIRC) 19 CVE bugs.
fairly impressive number (i had been wondering how clamav updates would
be handled).
incase its relevent, here is the config i had to (re?) introduce to get
dans working again (which is the AV section):
# OPTION: virusscan
# If on, content will be scanned using virus engine setup in
dansguardian.conf.
# More options are available in dansguardian.conf.
virusscan = on
# OPTION: exceptionvirusextensionlist
# The following file allow you to define file extensions
# that should not be virus scanned.
exceptionvirusextensionlist =
'/etc/dansguardian/exceptionvirusextensionlist'
# OPTION: exceptionvirusmimetypelist
# The following file allow you to define mime types
# that should not be virus scanned.
exceptionvirusmimetypelist =
'/etc/dansguardian/exceptionvirusmimetypelist'
# OPTION: exceptionvirussitelist
# File location of definition of sites not be virus scanned.
exceptionvirussitelist = '/etc/dansguardian/exceptionvirussitelist'
# OPTION: exceptionvirusurllist
# File location of definition of URLs not be virus scanned.
exceptionvirusurllist = '/etc/dansguardian/exceptionvirusurllist'
# OPTION: dlmgrextensionlist
# File location of file extensions to be handled by embedded download
manager.
dlmgrextensionlist = '/etc/dansguardian/dlmgrextensionlist'
Two of these lines were already there, but i dont remember which.
kk
On Sat, 2008-03-08 at 02:14 +0000, Scott Kitterman wrote:
> >This could well be a regression (Why was the antivirus plugin version
> >allowed to change? isnt that against policy?), so i consider it worth
> >noting.
>
> It's because the old version of clamav that it uses had serious security issues and wasn't
> maintainable. The updated provided fixes for (IIRC) 19 CVE bugs.
fairly impressive number (i had been wondering how clamav updates would
be handled).
incase its relevent, here is the config i had to (re?) introduce to get
dans working again (which is the AV section):
# OPTION: virusscan
# If on, content will be scanned using virus engine setup in
dansguardian.conf.
# More options are available in dansguardian.conf.
virusscan = on
# OPTION: exceptionviruse xtensionlist xtensionlist = ian/exceptionvi rusextensionlis t' imetypelist imetypelist = ian/exceptionvi rusmimetypelist '
# The following file allow you to define file extensions
# that should not be virus scanned.
exceptionviruse
'/etc/dansguard
# OPTION: exceptionvirusm
# The following file allow you to define mime types
# that should not be virus scanned.
exceptionvirusm
'/etc/dansguard
# OPTION: exceptionviruss itelist itelist = '/etc/dansguard ian/exceptionvi russitelist'
# File location of definition of sites not be virus scanned.
exceptionviruss
# OPTION: exceptionvirusu rllist rllist = '/etc/dansguard ian/exceptionvi rusurllist'
# File location of definition of URLs not be virus scanned.
exceptionvirusu
# OPTION: dlmgrextensionlist ian/dlmgrextens ionlist'
# File location of file extensions to be handled by embedded download
manager.
dlmgrextensionlist = '/etc/dansguard
Two of these lines were already there, but i dont remember which.
kk